Biometric authentication tools are set to go mainstream as the simplest, most effective mechanism for securing end-user mobile devices in the enterprise, says Morpho South Africa.

Morpho South Africa MD Paul Jeremias says there is a significant divergence among South African enterprises on the level of mobile security they employ at the moment. "Some have multiple layers of security, but many have very little control over the mobile devices used by employees," he says. "Those who do implement access control on devices tend to rely on traditional PINs and alphanumeric passwords."

Jeremias notes it is increasingly important to secure any device that has access to enterprise systems and information. However, traditional methods of issuing users new alphanumeric passwords or PINs at regular intervals is not always the most practical method of doing so. "Users may forget their new passwords, or find a way around using them at all. It can be time-consuming and impractical to input a password every time you use a phone. And in many cases, the device password must be used in addition to passwords needed to access certain applications and systems."

The solution lies in using biometrics for mobile device security, he says. "Fingerprint, facial or voice recognition technologies can make the process of accessing a device significantly faster and simpler. In addition, it would be relatively easy to use the same biometric identification tools to control the user's access to apps and enterprise systems, presenting opportunities to cut the time and frustration involved in logging on to various systems."

Jeremias says South African enterprises have been cautious about moving to biometrics for mobile user authentication. "This may be because of early vulnerabilities in these tools some years ago. But biometrics technologies – particularly fingerprint recognition – have matured, and they are now as secure as complex password policies, if not more so." He notes that the use of biometric authentication need not be limited to devices equipped with fingerprint scanning tools. "Smartphones can also be equipped with effective facial recognition or voice recognition," he says.

As the market seeks more efficiency and less complexity, Jeremias predicts a swing to mobile and biometrics tools as a major factor in user authentication in future. "The local market is looking at it, and is definitely interested. From overseas, we are seeing major implementations starting to take place, such as some US states looking to replace driver's licence cards with certificates installed on smartphones. I believe in the next five to 10 years, we will see many organisations replacing access control cards, tokens and other physical identification methods by mobile, biometrics-based authentication."